diff options
author | José Bollo <jose.bollo@iot.bzh> | 2018-12-12 14:24:11 +0100 |
---|---|---|
committer | José Bollo <jose.bollo@iot.bzh> | 2018-12-18 10:53:07 +0100 |
commit | c888e1c4dce2ee70521b7cf6e8ec8ec60a7aeea1 (patch) | |
tree | 3f8230200afa458e326ec4d3aa0b3fde5b8e10f2 | |
parent | 6fc5ad52250e6dc63b40b17376668f40a016926e (diff) |
smack-system-setup: Update udev rules
Add rules to correctly tag devices with *.
The most general rule is that devices should be
protected using DAC rules (user and group).
Bug-AGL: SPEC-2006
Change-Id: Ie18f79353f8f7645c2b615a359c65ec3a6984958
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
-rw-r--r-- | meta-security/recipes-core/smack-system-setup/files/55-udev-smack-default.rules | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/meta-security/recipes-core/smack-system-setup/files/55-udev-smack-default.rules b/meta-security/recipes-core/smack-system-setup/files/55-udev-smack-default.rules index 3829019de..eca65292f 100644 --- a/meta-security/recipes-core/smack-system-setup/files/55-udev-smack-default.rules +++ b/meta-security/recipes-core/smack-system-setup/files/55-udev-smack-default.rules @@ -8,10 +8,14 @@ KERNEL=="video*", SECLABEL{smack}="*" KERNEL=="card*", SECLABEL{smack}="*" KERNEL=="ptmx", SECLABEL{smack}="*" KERNEL=="tty", SECLABEL{smack}="*" +KERNEL=="rfkill", SECLABEL{smack}="*" + +SUBSYSTEM=="most_cdev_aim", SECLABEL{smack}="*" SUBSYSTEM=="graphics", GROUP="video", SECLABEL{smack}="*" SUBSYSTEM=="drm", GROUP="video", SECLABEL{smack}="*" SUBSYSTEM=="dvb", GROUP="video", SECLABEL{smack}="*" +SUBSYSTEM=="sound", GROUP="audio", SECLABEL{smack}="*" SUBSYSTEM=="tty", KERNEL=="ptmx", GROUP="tty", MODE="0666", SECLABEL{smack}="*" SUBSYSTEM=="tty", KERNEL=="tty", GROUP="tty", MODE="0666", SECLABEL{smack}="*" |